Data protection company Datto has released the results of a ransomware survey based on data from 1700 managed service providers which shows that a sum of US$301 million was paid to attackers between the second quarter of 2016 and the second quarter of 2017.
The survey, State of Channel Ransomware Report, unsurprisingly found that MSPs forecast ransomware attacks were expected to increase.
The MSPs in question work with more than 100,000 small- and medium-sized businesses and 99% of the MSPs predict an uptick in attacks will continue across the next two years.
The survey also found that the financial strain caused by ransomware attacks was more due to downtime, rather than the payment of the actual ransom.
{loadposition sam08}There was a big difference in the degree of concern over ransomware among the MSPs and the SMBs, with 90% of the former saying they were "highly concerned while only 38% of SMBs felt the same way.
The survey found six in seven SMBs globally victimised by ransomware between 2015 and 2017 while six in 10 reported attacks in the first half of 2017. For the Asia-Pacific region, 93% of MSPs reported attacks between 2015-2017 and 75% reported attacks in the first half of 2017.
Globally, 79% of MSPs reported recent attacks on between one and five SMBs. In the APAC region, 35% of MSPs reported attacks on on more than six SMBs in the last year. The same percentage reported multiple ransomware incidents on a single day.
Less (35%) SMBs globally paid the ransom demanded, but the figure in APAC was higher (44%).
Twenty-nine percent of MSPs reported that ransomware persisted on an SMB's systems after a first attack and struck again at a later date while 33% of MSPs reported an SMB's back-up was also encrypted. For the APAC region, 42% experienced back-ups being encrypted.
As far as attacks went, CryptoLocker attacks accounted for 834% globally. WannaCry was reported in the APAC region by 20% of MSPs.
Looking at industries affected, the MSPs reported construction and manufacturing highly targeted (48% globally and 62% in APAC). Professional services were reported as being targeted by 28% of MSPs, while healthcare (28%), real estate (12%) and education (12%) followed.
Software-as-a-service was not immune from ransomware attacks either, the survey found. Seventy-six percent of the MSPs found attacks in Dropbox, 32% in Office 365, 21% in G Suite apps, 5% in box and 2% in Salesforce. In APAC, overall 42% reported ransomware infections in cloud-based apps - 78% in Dropbox, 30% in Office 365 and 15% in the G Suite.
Back-up and disaster recovery solutions were seen as the way to avoid ransomware attacks turning into a disaster. Ninety-six percent of MSPs reported that SMBs who had these measures in place were able to fully recover. In APAC, this figure was 60%.
Without these measures in place, 40% of MSPs reported that SMBs were unable to recover.
The report can be downloaded here after registration.